5 matches found
CVE-2022-0628
The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0628
The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0628
The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0628 AP Mega Menu < 3.0.8 - Reflected Cross-Site Scripting
The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0628
CVE-2022-0628 affects the WordPress plugin Mega Menu prior to version 3.0.8. The vulnerability stems from not sanitizing/escaping the _wpnonce parameter before echoing it on an admin page, enabling Reflected Cross-Site Scripting. Impact is a user/admin-page XSS exposure as described across NVD/Re...